Add Authority Advisory AI and API Lifecycle Configuration
- Introduced AuthorityAdvisoryAiOptions and related classes for managing advisory AI configurations, including remote inference options and tenant-specific settings. - Added AuthorityApiLifecycleOptions to control API lifecycle settings, including legacy OAuth endpoint configurations. - Implemented validation and normalization methods for both advisory AI and API lifecycle options to ensure proper configuration. - Created AuthorityNotificationsOptions and its related classes for managing notification settings, including ack tokens, webhooks, and escalation options. - Developed IssuerDirectoryClient and related models for interacting with the issuer directory service, including caching mechanisms and HTTP client configurations. - Added support for dependency injection through ServiceCollectionExtensions for the Issuer Directory Client. - Updated project file to include necessary package references for the new Issuer Directory Client library.
This commit is contained in:
master
@@ -171,5 +171,7 @@ public sealed class ScannerWorkerOptions
|
||||
public string EntryTraceLayerDirectoriesMetadataKey { get; set; } = ScanMetadataKeys.LayerDirectories;
|
||||
|
||||
public string EntryTraceLayerArchivesMetadataKey { get; set; } = ScanMetadataKeys.LayerArchives;
|
||||
|
||||
public string EntryTraceProcRootMetadataKey { get; set; } = ScanMetadataKeys.RuntimeProcRoot;
|
||||
}
|
||||
}
|
||||
|
||||
File diff suppressed because it is too large
Load Diff
@@ -1,7 +1,7 @@
|
||||
using System.Diagnostics;
|
||||
using Microsoft.Extensions.DependencyInjection;
|
||||
using Microsoft.Extensions.Hosting;
|
||||
using Microsoft.Extensions.Logging;
|
||||
using System.Diagnostics;
|
||||
using Microsoft.Extensions.DependencyInjection;
|
||||
using Microsoft.Extensions.Hosting;
|
||||
using Microsoft.Extensions.Logging;
|
||||
using Microsoft.Extensions.Options;
|
||||
using Microsoft.Extensions.DependencyInjection.Extensions;
|
||||
using StellaOps.Auth.Client;
|
||||
@@ -10,101 +10,120 @@ using StellaOps.Scanner.Analyzers.OS.Plugin;
|
||||
using StellaOps.Scanner.Analyzers.Lang.Plugin;
|
||||
using StellaOps.Scanner.EntryTrace;
|
||||
using StellaOps.Scanner.Core.Security;
|
||||
using StellaOps.Scanner.Surface.Env;
|
||||
using StellaOps.Scanner.Surface.FS;
|
||||
using StellaOps.Scanner.Surface.Secrets;
|
||||
using StellaOps.Scanner.Surface.Validation;
|
||||
using StellaOps.Scanner.Worker.Diagnostics;
|
||||
using StellaOps.Scanner.Worker.Hosting;
|
||||
using StellaOps.Scanner.Worker.Options;
|
||||
using StellaOps.Scanner.Worker.Processing;
|
||||
|
||||
var builder = Host.CreateApplicationBuilder(args);
|
||||
|
||||
builder.Services.AddOptions<ScannerWorkerOptions>()
|
||||
.BindConfiguration(ScannerWorkerOptions.SectionName)
|
||||
.ValidateOnStart();
|
||||
|
||||
using StellaOps.Scanner.Storage.Extensions;
|
||||
|
||||
var builder = Host.CreateApplicationBuilder(args);
|
||||
|
||||
builder.Services.AddOptions<ScannerWorkerOptions>()
|
||||
.BindConfiguration(ScannerWorkerOptions.SectionName)
|
||||
.ValidateOnStart();
|
||||
|
||||
builder.Services.AddSingleton<IValidateOptions<ScannerWorkerOptions>, ScannerWorkerOptionsValidator>();
|
||||
builder.Services.AddSingleton(TimeProvider.System);
|
||||
builder.Services.AddScannerCache(builder.Configuration);
|
||||
builder.Services.AddSurfaceEnvironment(options =>
|
||||
{
|
||||
options.ComponentName = "Scanner.Worker";
|
||||
});
|
||||
builder.Services.AddSurfaceValidation();
|
||||
builder.Services.AddSurfaceFileCache();
|
||||
builder.Services.AddSurfaceSecrets();
|
||||
builder.Services.AddSingleton<ScannerWorkerMetrics>();
|
||||
builder.Services.AddSingleton<ScanProgressReporter>();
|
||||
builder.Services.AddSingleton<ScanJobProcessor>();
|
||||
builder.Services.AddSingleton<ScanProgressReporter>();
|
||||
builder.Services.AddSingleton<ScanJobProcessor>();
|
||||
builder.Services.AddSingleton<LeaseHeartbeatService>();
|
||||
builder.Services.AddSingleton<IDelayScheduler, SystemDelayScheduler>();
|
||||
|
||||
builder.Services.AddEntryTraceAnalyzer();
|
||||
builder.Services.AddSingleton<IEntryTraceExecutionService, EntryTraceExecutionService>();
|
||||
|
||||
var storageSection = builder.Configuration.GetSection("ScannerStorage");
|
||||
var connectionString = storageSection.GetValue<string>("Mongo:ConnectionString");
|
||||
if (!string.IsNullOrWhiteSpace(connectionString))
|
||||
{
|
||||
builder.Services.AddScannerStorage(storageSection);
|
||||
}
|
||||
|
||||
builder.Services.TryAddSingleton<IScanJobSource, NullScanJobSource>();
|
||||
builder.Services.TryAddSingleton<IPluginCatalogGuard, RestartOnlyPluginGuard>();
|
||||
builder.Services.AddSingleton<IOSAnalyzerPluginCatalog, OsAnalyzerPluginCatalog>();
|
||||
builder.Services.AddSingleton<ILanguageAnalyzerPluginCatalog, LanguageAnalyzerPluginCatalog>();
|
||||
builder.Services.AddSingleton<IScanAnalyzerDispatcher, CompositeScanAnalyzerDispatcher>();
|
||||
builder.Services.AddSingleton<IScanStageExecutor, AnalyzerStageExecutor>();
|
||||
|
||||
builder.Services.AddSingleton<ScannerWorkerHostedService>();
|
||||
builder.Services.AddHostedService(sp => sp.GetRequiredService<ScannerWorkerHostedService>());
|
||||
|
||||
var workerOptions = builder.Configuration.GetSection(ScannerWorkerOptions.SectionName).Get<ScannerWorkerOptions>() ?? new ScannerWorkerOptions();
|
||||
|
||||
builder.Services.Configure<HostOptions>(options =>
|
||||
{
|
||||
options.ShutdownTimeout = workerOptions.Shutdown.Timeout;
|
||||
});
|
||||
|
||||
builder.ConfigureScannerWorkerTelemetry(workerOptions);
|
||||
|
||||
if (workerOptions.Authority.Enabled)
|
||||
{
|
||||
builder.Services.AddStellaOpsAuthClient(clientOptions =>
|
||||
{
|
||||
clientOptions.Authority = workerOptions.Authority.Issuer?.Trim() ?? string.Empty;
|
||||
clientOptions.ClientId = workerOptions.Authority.ClientId?.Trim() ?? string.Empty;
|
||||
clientOptions.ClientSecret = workerOptions.Authority.ClientSecret;
|
||||
clientOptions.EnableRetries = workerOptions.Authority.Resilience.EnableRetries ?? true;
|
||||
clientOptions.HttpTimeout = TimeSpan.FromSeconds(workerOptions.Authority.BackchannelTimeoutSeconds);
|
||||
|
||||
clientOptions.DefaultScopes.Clear();
|
||||
foreach (var scope in workerOptions.Authority.Scopes)
|
||||
{
|
||||
if (string.IsNullOrWhiteSpace(scope))
|
||||
{
|
||||
continue;
|
||||
}
|
||||
|
||||
clientOptions.DefaultScopes.Add(scope);
|
||||
}
|
||||
|
||||
clientOptions.RetryDelays.Clear();
|
||||
foreach (var delay in workerOptions.Authority.Resilience.RetryDelays)
|
||||
{
|
||||
if (delay <= TimeSpan.Zero)
|
||||
{
|
||||
continue;
|
||||
}
|
||||
|
||||
clientOptions.RetryDelays.Add(delay);
|
||||
}
|
||||
|
||||
if (workerOptions.Authority.Resilience.AllowOfflineCacheFallback is bool allowOffline)
|
||||
{
|
||||
clientOptions.AllowOfflineCacheFallback = allowOffline;
|
||||
}
|
||||
|
||||
if (workerOptions.Authority.Resilience.OfflineCacheTolerance is { } tolerance && tolerance > TimeSpan.Zero)
|
||||
{
|
||||
clientOptions.OfflineCacheTolerance = tolerance;
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
builder.Logging.Configure(options =>
|
||||
{
|
||||
options.ActivityTrackingOptions = ActivityTrackingOptions.SpanId
|
||||
| ActivityTrackingOptions.TraceId
|
||||
| ActivityTrackingOptions.ParentId;
|
||||
});
|
||||
|
||||
var host = builder.Build();
|
||||
|
||||
await host.RunAsync();
|
||||
|
||||
public partial class Program;
|
||||
|
||||
builder.Services.AddSingleton<ScannerWorkerHostedService>();
|
||||
builder.Services.AddHostedService(sp => sp.GetRequiredService<ScannerWorkerHostedService>());
|
||||
|
||||
var workerOptions = builder.Configuration.GetSection(ScannerWorkerOptions.SectionName).Get<ScannerWorkerOptions>() ?? new ScannerWorkerOptions();
|
||||
|
||||
builder.Services.Configure<HostOptions>(options =>
|
||||
{
|
||||
options.ShutdownTimeout = workerOptions.Shutdown.Timeout;
|
||||
});
|
||||
|
||||
builder.ConfigureScannerWorkerTelemetry(workerOptions);
|
||||
|
||||
if (workerOptions.Authority.Enabled)
|
||||
{
|
||||
builder.Services.AddStellaOpsAuthClient(clientOptions =>
|
||||
{
|
||||
clientOptions.Authority = workerOptions.Authority.Issuer?.Trim() ?? string.Empty;
|
||||
clientOptions.ClientId = workerOptions.Authority.ClientId?.Trim() ?? string.Empty;
|
||||
clientOptions.ClientSecret = workerOptions.Authority.ClientSecret;
|
||||
clientOptions.EnableRetries = workerOptions.Authority.Resilience.EnableRetries ?? true;
|
||||
clientOptions.HttpTimeout = TimeSpan.FromSeconds(workerOptions.Authority.BackchannelTimeoutSeconds);
|
||||
|
||||
clientOptions.DefaultScopes.Clear();
|
||||
foreach (var scope in workerOptions.Authority.Scopes)
|
||||
{
|
||||
if (string.IsNullOrWhiteSpace(scope))
|
||||
{
|
||||
continue;
|
||||
}
|
||||
|
||||
clientOptions.DefaultScopes.Add(scope);
|
||||
}
|
||||
|
||||
clientOptions.RetryDelays.Clear();
|
||||
foreach (var delay in workerOptions.Authority.Resilience.RetryDelays)
|
||||
{
|
||||
if (delay <= TimeSpan.Zero)
|
||||
{
|
||||
continue;
|
||||
}
|
||||
|
||||
clientOptions.RetryDelays.Add(delay);
|
||||
}
|
||||
|
||||
if (workerOptions.Authority.Resilience.AllowOfflineCacheFallback is bool allowOffline)
|
||||
{
|
||||
clientOptions.AllowOfflineCacheFallback = allowOffline;
|
||||
}
|
||||
|
||||
if (workerOptions.Authority.Resilience.OfflineCacheTolerance is { } tolerance && tolerance > TimeSpan.Zero)
|
||||
{
|
||||
clientOptions.OfflineCacheTolerance = tolerance;
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
builder.Logging.Configure(options =>
|
||||
{
|
||||
options.ActivityTrackingOptions = ActivityTrackingOptions.SpanId
|
||||
| ActivityTrackingOptions.TraceId
|
||||
| ActivityTrackingOptions.ParentId;
|
||||
});
|
||||
|
||||
var host = builder.Build();
|
||||
|
||||
await host.RunAsync();
|
||||
|
||||
public partial class Program;
|
||||
|
||||
@@ -21,5 +21,10 @@
|
||||
<ProjectReference Include="../__Libraries/StellaOps.Scanner.Analyzers.Lang/StellaOps.Scanner.Analyzers.Lang.csproj" />
|
||||
<ProjectReference Include="../__Libraries/StellaOps.Scanner.EntryTrace/StellaOps.Scanner.EntryTrace.csproj" />
|
||||
<ProjectReference Include="../__Libraries/StellaOps.Scanner.Cache/StellaOps.Scanner.Cache.csproj" />
|
||||
<ProjectReference Include="../__Libraries/StellaOps.Scanner.Surface.Env/StellaOps.Scanner.Surface.Env.csproj" />
|
||||
<ProjectReference Include="../__Libraries/StellaOps.Scanner.Surface.Validation/StellaOps.Scanner.Surface.Validation.csproj" />
|
||||
<ProjectReference Include="../__Libraries/StellaOps.Scanner.Surface.Secrets/StellaOps.Scanner.Surface.Secrets.csproj" />
|
||||
<ProjectReference Include="../__Libraries/StellaOps.Scanner.Surface.FS/StellaOps.Scanner.Surface.FS.csproj" />
|
||||
<ProjectReference Include="../__Libraries/StellaOps.Scanner.Storage/StellaOps.Scanner.Storage.csproj" />
|
||||
</ItemGroup>
|
||||
</Project>
|
||||
</Project>
|
||||
|
||||
Reference in New Issue
Block a user